7.8

CVE-2023-52495

EPSS 0.02%
Published 11.03.2024 18:15:17
Last modified 14.02.2025 16:39:14
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

soc: qcom: pmic_glink_altmode: fix port sanity check

The PMIC GLINK altmode driver currently supports at most two ports.

Fix the incomplete port sanity check on notifications to avoid
accessing and corrupting memory beyond the port array if we ever get a
notification for an unsupported port.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.3 < 6.6.15

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/532a5557da6892a6b2d5793052e1bce1f4c9e177

Patch

Mailing List

https://git.kernel.org/stable/c/c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0

Patch

Mailing List

https://git.kernel.org/stable/c/d26edf4ee3672cc9828f2a3ffae34086a712574d

Patch

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2023-52495

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52495

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52495

EUVD